8000 [Snyk] Security upgrade jest from 27.2.5 to 29.6.0 by LadyK-21 · Pull Request #39 · LadyK-21/setup-python · GitHub
[go: up one dir, main page]
Skip to content

[Snyk] Security upgrade jest from 27.2.5 to 29.6.0 #39

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHu 8000 b”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[Snyk] Security upgrade jest from 27.2.5 to 29.6.0 #39

wants to merge 1 commit into from

Conversation

LadyK-21
Copy link
Owner

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
critical severity 786/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 9.3		 Incomplete List of Disallowed Inputs
SNYK-JS-BABELTRAVERSE-5962462		 Yes Proof of Concept

(*) Note that the real score may have changed since the PR A32E was raised.

Commit messages
Package name: jest The new version differs by 250 commits.
  • c1e5b8a v29.6.0
  • 3015fd1 chore: update changelog for release
  • 8f35bcd chore(deps): update yarn to v3.6.1 (#14291)
  • 02ce2a7 chore: use `fs.rm` instead of `fs.unlink` in test (#14296)
  • 4ecf91c feat: add support for snapshot matchers in concurrent tests (#14139)
  • 372d6c5 Revert "feat: add match named snapshot (#14045)"
  • aaf5315 chore: upgrade @ tsconfig/node14 (#14284)
  • e60ab7c chore: upgrade to TS 5.1 (#14276)
  • 8a413ba chore: update typescript to v5 in e2e tests (#14273)
  • 3da370f Fix vulnerability of regular expression denial of service by upgrading semver to 7.5.3 (#14262)
  • efe3edd chore: upgrade rimraf (#14250)
  • e536dd7 chore: test Node 20 on CI (#14215)
  • b133201 chore: replace `peter-evans/close-issue` action with gh CLI usage (#14235)
  • 59618f3 chore(deps): update dependency @ types/react-is to v18 (#14229)
  • 2b956eb chore(deps): update dependency eslint-plugin-jsdoc to v46 (#14231)
  • 0e7e7a6 fix: upgrade typebox (#14220)
  • f4172f5 chore: upgrade yarn (#14213)
  • c044b8b chore: fix prettier violation
  • 05633f6 chore(deps): update node orb to v5.1.0 (#14214)
  • f91b077 chore: lock down lerna-lite dep
  • 57e1d4e Prevent false test failures caused by promise rejections handled asynchronously (#14110)
  • 2cc0258 Configure Renovate (#14209)
  • 4aae8e9 examples: use right way to reverse state in examples code 'CheckboxWithLabel.js' (#14184)
  • bf16169 docs: remove unused import from example (#14197)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@LadyK-21 @snyk-bot
0